Question: Can I use Avira and SpywareBlaster together?

Answer:Yes.

SpywareBlaster is built to be compatible with other security tools, including Avira, as part of a multi-layered approach to security. Avira’s warning that SpywareBlaster is “incompatible” with Avira and must be uninstalled is incorrect and misleading. Ignore the warning, and continue using SpywareBlaster without issues.

SpywareBlaster can help keep your system secure, without interfering with the “good side” of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

Called “OSX/OpinionSpy” or “PremierOpinions”, the spyware is bundled with some free Mac downloads; particularly “free screensavers”. Affected installers are actively being distributed from both 7art-screensavers . com (*do not visit*) and a few popular Mac download sites.

Among other behavior, the spyware:

Constantly runs in the background, sometimes using 50% or more CPU.

Enumerates, scans, and collects data from files on your computer.

Injects code into web browsers and other processes (which also can cause those programs to use considerable CPU), and collects personal information/data.

Regularly sends data to various servers.

Runs as “root”, and is thus capable of doing essentially *anything* on your computer.

Installing the spyware requires entering an administrator password as part of the affected screensaver (or other) install. This is not uncommon for Mac-based installers, but is yet another example of why you should make sure you trust a program before clicking “OK” on any administrator prompt.

But there’s happy news for all of our Mac-using friends: we’ve created a small, free utility that will let you instantly detect + (optionally) remove this spyware.

Solution:

OSX/OpinionSpy Detection + Removal Tool
Mac OS X 10.5, 10.6 – Free

Instructions:

Simply download and run the tool.

Click the “Scan Now” button.
The program will detect whether OSX/OpinionSpy is installed on your system.

If OSX/OpinionSpy is detected, you’ll be shown a “Remove OpinionSpy” button. Click it, and the tool will remove OSX/OpinionSpy.
(It will also show a detailed log of what it removed, after it’s done.)
Before clicking the “Remove” button, it’s highly recommended that you close any open web browsers (Safari, Firefox) and iChat, to purge the spyware’s injected code.

SpywareBlaster can help keep your system secure, without interfering with the “good side” of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

SpywareBlaster can help keep your system secure, without interfering with the “good side” of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

The CLSID List was originally started by Tony Klein as the BHO List, to catalog good and bad Internet Explorer Browser Helper Objects (BHOs). Over the years and across many different homes, it has expanded in scope to cover Toolbars, URLSearchHooks, and Explorer Bars, and has cemented its place as a truly invaluable resource to the online anti-malware community.

(Have you ever asked for malware-removal help at one of the many different HijackThis Log analysis forums? Your helper(s) likely used the list to help you out.)

A huge congratulations goes out to Tony Klein, miekiemoes, and all of the other contributors (and everyone who has submitted unknown items for investigation) for passing 60k! 🙂

For better or for worse, EULAs (those licenses with which you often have to agree to install software) are here to stay.

But the ways installers display them to the user differ wildly. Since part of the purpose behind our EULAlyzer program is to help keep users informed about what they’re agreeing to, we thought we’d take a look at some less-than-ideal examples to highlight where they may have gone wrong.

.Net Framework EULA

Today’s example: Microsoft’s .NET Framework 3.5 SP1 Setup.

It seems fairly obvious that someone wanted to cram a lot of options and information on a single screen, which is fine. But one of the sacrifices that forced was the almost comically small box in which the EULA is displayed.

The text above the EULA says in part (emphasis added):

Be sure to carefully read and understand all the rights and restrictions described in the license terms.

Yet doing so requires scrolling the EULA display quite a bit. And the “Page Down” key (mentioned below the EULA) is hardly any more useful than the “down” arrow key, due to the tiny size of the box.

Some of the major problems:

The EULA display box is small. Really small.

The EULA uses rich text formatting and large fonts which, while nice for the printed page, cause the EULA to look out of place and require more scrolling than would otherwise be necessary.

There is extra space at the top of the EULA. With everything else taken into account, this prevents even the first line from fully being displayed.

To Microsoft’s credit, a “Print” button is provided. This is extremely useful, but shouldn’t practically be a requirement to read the EULA with any ease.

Earlier today, Google experienced a rather significant glitch: All search results showed the “This site may harm your computer.” warning.

Normally this warning does a decent job of highlighting common, major sources of malware (and other unwanted things). Google reasonably disables potentially harmful links, and redirects to an intermediary page that (a) provides more information, and (b) requires you to copy + paste the address if you want to continue. It’s not perfect, but it’s another decent layer. So normally: if you see this warning you should pay attention.

For quite some time this morning, though, Google search was basically broken. The warning mistakenly showed up for all sites – which disabled clicking through to search results, cached copies of the pages, and essentially all of the usefulness of the search.

Google has since fixed the problem, but a screenshot is provided above for posterity.

UPDATE: It seems there is a lot of confusion about this on the Internet. To clarify:

The glitch was not caused by an infection on your computer. The problem was on Google’s end, and affected (seemingly) everyone.

If you are still seeing search results pages with all of the links marked as potentially harmful, try clearing your browser’s cache and refreshing the page.

Many bad or potentially unwanted pieces of software like to bury what they plan on doing in their license agreements. And, truth be told, most people simply don’t take the time to fully read the license agreements for programs they install. So the bad guys get away with it, and most people have no idea what they might be agreeing to.

EULAlyzer helps you instantly analyze license agreements (EULAs), to determine the risks that software might pose. Advertising? Data collection? Hidden installation of third-party software? EULAlyzer breaks down long license agreements into easy-to-parse points of interest, instantly, to help you quickly zero in on potentially riskier behavior.

And it’s not just limited to license agreements either – use it analyze web site terms and privacy policies too, or any other text you come across.

The new EULAlyzer 2.0 is compatible with Windows 2000, XP, 2003 and Vista.